ntred.dll

Atom Security OOO

The module ntred.dll by Atom Security OOO has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Atom Security OOO  (signed and verified)

MD5:
b1e34a236e72ae1f5835e2b4c1dc71cc

SHA-1:
8dad8dcceb23d44b1e4d04db0a9632b780090610

SHA-256:
ee3970e288b3df0132c81955fc5e1abc9bca11f080d1f2b09faae45420a051f4

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/28/2024 4:31:39 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.AtomSecu

Engine version:
16.9.19.10

File size:
1.4 MB (1,423,832 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\windows\syswow64\ltprx\ntred.dll

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/24/2013 3:00:00 AM

Valid to:
6/25/2014 2:59:59 AM

Subject:
CN=Atom Security OOO, OU=development, O=Atom Security OOO, STREET="Academician Koptyuga Prospect, 4,office 158", L=Novosibirsk, S=nso, PostalCode=630090, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
717783EFCF5E8A80B86D166EFF5E6862

File PE Metadata
Compilation timestamp:
2/11/2014 9:34:43 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:MhRSgQiXGfLceJliduwkB8PE8o40N0mGOHs6tmqvBYAYrT1WVUwxoMnVxPw:WcgzXxx4wI8PToRN0mGMOAYrT8VlxnVi

Entry address:
0xE8679

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 57, D7, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, A3, C4, 8C, 14, 10, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, 5C, 60, 14, 10, 33, C5, 89, 45, FC, 53, 8B, 5D, 08, 57, 83, FB, FF, 74, 07, 53, E8, AB, D7, 00, 00, 59, 83, A5, E0, FC, FF, FF, 00, 6A, 4C, 8D, 85, E4, FC, FF, FF, 6A, 00, 50, E8, 68, A4, FF, FF, 8D, 85, E0, FC, FF, FF, 89, 85, D8, FC, FF, FF, 8D, 85, 30, FD, FF...
 

Code size:
1.1 MB (1,138,176 bytes)
